CVE-2012-4932

Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...

CVE-2009-3580

Cross-site request forgery CSRF vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password via the login, newpassword, and confirmpassword parameters in a preferences action...

DEBIAN-CVE-2009-3580

Cross-site request forgery CSRF vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password via the login, newpassword, and confirmpassword parameters in a preferences action...

UBUNTU-CVE-2009-3580

Cross-site request forgery CSRF vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password via the login, newpassword, and confirmpassword parameters in a preferences action...

CVE-2009-3580

Cross-site request forgery CSRF vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password via the login, newpassword, and confirmpassword parameters in a preferences action...

PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload

PHP iCalendar 2.24 - cookielanguage Local File Inclusion Arbitrary File Upload '.$lang'lcalfile'.' '.$filenumber.': '.$lang'lactionsuccess'.''; 84. el...